📄 dot11rsnlib.c
字号:
*(pBug + 2), *(pBug + 3), 0, 0)); pDot11->sme->ksl.unlock(pDot11); return OK; } pBug += 4; length -= 4; } /* Check if we have enough bytes for the next element */ if (length < sizeof(UINT16)) { DOT11_LOG(DOT11_DEBUG_INFO, DOT11_AREA_RSN, ("dot11RsnSecIeProcess: No more data after IE!\n", 0, 0, 0, 0, 0, 0)); pDot11->sme->ksl.unlock(pDot11); return ERROR; } /* Check the version field - for either protocol it should be 1 */ if (*pBug++ != DOT11_RSN_IE_VERSION) { DOT11_LOG(DOT11_DEBUG_INFO, DOT11_AREA_RSN, ("dot11RsnSecIeProcess: Bad version number %02x!\n", *--pBug, 0, 0, 0, 0, 0)); pDot11->sme->ksl.unlock(pDot11); return ERROR; } pBug ++; /* Ignore the high byte - must always be zero */ length -= sizeof(UINT16); /* Now that we know this is a valid IE, save it for future comparison in the fourway handshake */ if (*buffer == DOT11_ELEMID_RSN) { /* Save the IE so that we can compare against it in the four-way handshake */ bcopy((char *)buffer, (char *)pKsl->lastRsnIe, ((DOT11_IE_GENERIC *)buffer)->length + DOT11_IE_HEADER_SIZE); pKsl->secPol |= DOT11_SECPOL_11i; } else /* Must be WPA, since we passed check above */ { /* Save the IE so that we can compare against it in the four-way handshake */ bcopy((char *)buffer, (char *)pKsl->lastWpaIe, ((DOT11_IE_GENERIC *)buffer)->length + DOT11_IE_HEADER_SIZE); pKsl->secPol |= DOT11_SECPOL_WPA; } /* Check if we have enough bytes for the next element */ if (length < sizeof(DOT11_RSN_SUITE)) { status = dot11RsnSecIeNegotiate(pDot11, pKsl); if (pDot11->sme->ksl.unlock(pDot11) != OK) { DOT11_LOG(DOT11_DEBUG_ERROR, DOT11_AREA_RSN, ("dot11RsnSecIeProcess: Cannot free KSL lock \n", 0,0,0,0,0,0)); return ERROR; } return status; } /* Retrieve the group cipher suite */ pBug += DOT11_OUI_SIZE; /* Skip over the OUI */ pKsl->groupPol = dot11RsnSuiteToCiph[*pBug++]; length -= sizeof(DOT11_RSN_SUITE); /* Check if we have enough bytes for the next element */ if (length < sizeof(UINT16)) { status = dot11RsnSecIeNegotiate(pDot11, pKsl); if (pDot11->sme->ksl.unlock(pDot11) != OK) { DOT11_LOG(DOT11_DEBUG_ERROR, DOT11_AREA_RSN, ("dot11RsnSecIeProcess: Cannot free KSL lock \n", 0,0,0,0,0,0)); return ERROR; } return status; } /* Get the number of unicast ciphers */ numSuites = *pBug++; pBug ++; /* Ignore the high byte - must always be zero */ length -= sizeof(UINT16); /* Check if we have enough bytes for the next element */ if (length < numSuites * sizeof(DOT11_RSN_SUITE)) { DOT11_LOG(DOT11_DEBUG_INFO, DOT11_AREA_RSN, ("dot11RsnSecIeProcess: Not enough data for all unicast " "keys\n", 0, 0, 0, 0, 0, 0)); status = dot11RsnSecIeNegotiate(pDot11, pKsl); if (pDot11->sme->ksl.unlock(pDot11) != OK) { DOT11_LOG(DOT11_DEBUG_ERROR, DOT11_AREA_RSN, ("dot11RsnSecIeProcess: Cannot free KSL lock \n", 0,0,0,0,0,0)); return ERROR; } return status; } /* Retrieve all of the information from the unicast cipher suites */ while (numSuites > 0) { pBug += DOT11_OUI_SIZE; /* Skip over the OUI */ pKsl->ciphPol |= dot11RsnSuiteToCiph[*pBug++]; length -= sizeof(DOT11_RSN_SUITE); numSuites --; } /* Check if we have enough bytes for the next element */ if (length < sizeof(UINT16)) { status = dot11RsnSecIeNegotiate(pDot11, pKsl); if (pDot11->sme->ksl.unlock(pDot11) != OK) { DOT11_LOG(DOT11_DEBUG_ERROR, DOT11_AREA_RSN, ("dot11RsnSecIeProcess: Cannot free KSL lock \n", 0,0,0,0,0,0)); return ERROR; } return status; } /* Get the number of authentication suites */ numSuites = *pBug++; pBug ++; /* Ignore the high byte - must always be zero */ length -= sizeof(UINT16); /* Check if we have enough bytes for the next element */ if (length < numSuites * sizeof(DOT11_RSN_SUITE)) { DOT11_LOG(DOT11_DEBUG_INFO, DOT11_AREA_RSN, ("dot11RsnSecIeProcess: Not enough data for all auth " "suites\n", 0, 0, 0, 0, 0, 0)); status = dot11RsnSecIeNegotiate(pDot11, pKsl); if (pDot11->sme->ksl.unlock(pDot11) != OK) { DOT11_LOG(DOT11_DEBUG_ERROR, DOT11_AREA_RSN, ("dot11RsnSecIeProcess: Cannot free KSL lock \n", 0,0,0,0,0,0)); return ERROR; } return status; } /* Retrieve all of the information from the authentication suites */ while (numSuites > 0) { pBug += DOT11_OUI_SIZE; /* Skip over the OUI */ pKsl->authPol |= DOT11_AUTH_SUITE_TO_AUTHPOL(*pBug++); length -= sizeof(DOT11_RSN_SUITE); numSuites --; } /* Check if we have enough bytes for the next element */ if (length < sizeof(UINT16)) { status = dot11RsnSecIeNegotiate(pDot11, pKsl); if (pDot11->sme->ksl.unlock(pDot11) != OK) { DOT11_LOG(DOT11_DEBUG_ERROR, DOT11_AREA_RSN, ("dot11RsnSecIeProcess: Cannot free KSL lock \n", 0,0,0,0,0,0)); return ERROR; } return status; } /* Retrieve the info from the RSN capabilities field */ pKsl->rsnCap = *pBug++; pKsl->rsnCap |= (*pBug++) << 8; length -= sizeof (UINT16); if (length > 0) { DOT11_LOG(DOT11_DEBUG_ERROR, DOT11_AREA_RSN, ("dot11RsnSecIeProcess: %d leftover bytes\n " , length, 0, 0, 0, 0, 0)); } /* Any error checking will be done in the calling routine, since this could only be the first iteration; there could be another IE coming. Once the calling routine is sure that all IEs have been processed, it should ensure that the unicast cipher, the negotiated security model and the authentication type are not zero. If so, then there is not an intersection of policies, and the association should not proceed */ status = dot11RsnSecIeNegotiate(pDot11, pKsl); if (pDot11->sme->ksl.unlock(pDot11) != OK) { DOT11_LOG(DOT11_DEBUG_ERROR, DOT11_AREA_RSN, ("dot11RsnSecIeProcess: Cannot free KSL lock \n", 0,0,0,0,0,0)); return ERROR; } return status; }/****************************************************************************** dot11RsnIeNegotiate - Negotiates security policies** This routine is called from dot11RsnSecIeProcess() to take the information* stripped from the IE and perform an intersection with the current device* capabilities and policies. The results are stored in the KSL record. ** RETURNS: OK, or ERROR** ERRNO: N/A*/LOCAL STATUS dot11RsnSecIeNegotiate ( DOT11_FW * pDot11, /* Pointer to device structure */ DOT11_KSL_ENTRY * pKsl /* KSL entry for destination STA */ ) { UINT32 working; /* Scratchpad register */ /* Now that we've read in the new bits, we need to determine what our policy will be. This involves looking for the intersection of our policies and the policies that we read from the IE, and then choose the best of the intersecting policies. If an incoming packet contains both RSN and WPA IEs, this step will happen twice, with the second one being the more accurate. */ /* Get the intersection of the security policies. If more than one is allowed, then 802.11i is given precendence over WPA. The TSN flag is considered separately, since it applies to WPA and 802.11i alike. */ working = pKsl->secPol & pKsl->pBss->secPol; if ((working & DOT11_SECPOL_11i) != 0) { pKsl->negSecPol = DOT11_SECPOL_11i; } else if ((working & DOT11_SECPOL_WPA) != 0) { pKsl->negSecPol = DOT11_SECPOL_WPA; } else { pKsl->negSecPol = DOT11_SECPOL_NONE; } /* The TSN mode is allowed at the same time */ if (((pKsl->groupPol == DOT11_KEY_TYPE_WEP40) || (pKsl->groupPol == DOT11_KEY_TYPE_WEP104)) && ((pKsl->pBss->secPol & DOT11_SECPOL_TSN))) { pKsl->negSecPol |= DOT11_SECPOL_TSN; } /* Unicast Ciphers will be chosen from this list. The unicast cipher is the best cipher that is allowed by the cipher policy. AES is only allowed in 802.11i mode, while TKIP can be either WPA or 802.11i. For WEP to be used, the TSN flag must be set. Note that the order of preference for the ciphers is AES, TKIP, WEP104, WEP40. */ working = pKsl->pBss->ciphPol & pKsl->ciphPol; if ((((pKsl->negSecPol & DOT11_SECPOL_11i) != 0) || ((pKsl->negSecPol & DOT11_SECPOL_WPA) != 0) )&& ((working & DOT11_CIPHPOL_AES) != 0)) { pKsl->uniEncryptType = DOT11_KEY_TYPE_AES; } else if ((((pKsl->negSecPol & DOT11_SECPOL_11i) != 0) || ((pKsl->negSecPol & DOT11_SECPOL_WPA) != 0)) && ((working & DOT11_CIPHPOL_TKIP) != 0)) { pKsl->uniEncryptType = DOT11_KEY_TYPE_TKIP; } else if ((((pKsl->negSecPol & DOT11_SECPOL_TSN) != 0) && (((pKsl->negSecPol & DOT11_SECPOL_WPA) != 0) || ((pKsl->negSecPol & DOT11_SECPOL_11i) != 0))) && ((working & DOT11_CIPHPOL_WEP104) != 0)) { /* First, if the previous type was AES or TKIP, we need to delete the keys */ if ((pKsl->uniEncryptType == DOT11_KEY_TYPE_TKIP) || (pKsl->uniEncryptType == DOT11_KEY_TYPE_AES)) { /* Remove any existing unicast keys */ if ((pKsl->uniDecryptIndex != pKsl->uniEncryptIndex) && (pKsl->uniDecryptIndex != DOT11_KEYINDEX_NONE) && (pKsl->uniDecryptIndex >= DOT11_MAX_DEFAULT_KEY)) { if (pDot11->hdd->hwEncryptionKeyDel(pDot11, pKsl->uniDecryptIndex) != OK) { DOT11_LOG(DOT11_DEBUG_ERROR, DOT11_AREA_RSN, ("dot11RsnSecIeNegotiate: Unable to free key " "%d\n", pKsl->uniEncryptIndex, 0,0,0,0,0)); } pKsl->uniDecryptIndex = DOT11_KEYINDEX_NONE; } if ((pKsl->uniEncryptIndex != DOT11_KEYINDEX_NONE) && (pKsl->uniEncryptIndex >= DOT11_MAX_DEFAULT_KEY)) { if (pDot11->hdd->hwEncryptionKeyDel(pDot11, pKsl->uniEncryptIndex) != OK) { DOT11_LOG(DOT11_DEBUG_ERROR, DOT11_AREA_RSN, ("dot11RsnSecIeNegotiate: Unable to free key " "%d\n", pKsl->uniEncryptIndex, 0,0,0,0,0)); } pKsl->uniEncryptIndex = DOT11_KEYINDEX_NONE; pKsl->uniDecryptIndex = DOT11_KEYINDEX_NONE; } } pKsl->uniEncryptType = DOT11_KEY_TYPE_WEP104; } else if ((((pKsl->negSecPol & DOT11_SECPOL_TSN) != 0) && (((pKsl->negSecPol & DOT11_SECPOL_WPA) != 0) || ((pKsl->negSecPol & DOT11_SECPOL_11i) != 0))) && ((working & DOT11_CIPHPOL_WEP40) != 0)) { /* First, if the previous type was AES or TKIP, we need to delete the keys */ if ((pKsl->uniEncryptType == DOT11_KEY_TYPE_TKIP) || (pKsl->uniEncryptType == DOT11_KEY_TYPE_AES)) { /* Remove any existing unicast keys */ if ((pKsl->uniDecryptIndex != pKsl->uniEncryptIndex) && ⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -